- Print
- PDF
Each remote device is associated with a unique Grain-128a authentication security key. In addition to the device-specific security key, remote devices from Cisco Provider Connectivity Assurance Sensor Modules(formerly Skylight modules) release 1.3 or later also support the use of the Accedian Management Key (AMK), which is a security key that is unique to Cisco Provider Connectivity Assurance (formerly Accedian).
Use this page to define how the security key information associated with the most recent management session is backed up to an external server. You can also import a file containing the security key for multiple remote devices here.
▶ To back up remote device security keys
Access the page Remote Devices ▶Security Key Management.
Complete the fields in the Security Key Management Configuration section of the page.
(Optional) Click Test to ensure that the parameters you entered are valid.
Click Apply to save your changes.
For information on specific parameters, refer to the following section.
Security Key Management Parameters (Remote Devices ▶ Security Key Management)
Backup Period (min): The period of time, expressed in minutes, between each backup of the security information for remote devices.
The default value is 1440 minutes, i.e., once every 24 hours. Minimum value is 5 minutes.
Note: Set this value to 0 to disable backing up the security information.
Server URL: The address of the server where the security key information file generated by the Cisco Provider Connectivity Assurance Sensor Control is saved.
As soon as the server URL is configured, the key is rotating at the same interval as the backup.
Note: The following special characters are not allowed in the URL: "<", ">", "\n", "\r", "\t".
Examples of the expected syntax are as follows:
- ftps://username@example.com
- sftp://username@192.0.2.0/24
- scp://username@1192.0.2.0/24:/target_directory
- scp://username@[2001:DB8::/32]:/target_directory
Note: Do not include a filename in the security key backup URL. Simply specify the path, and a filename will be generated by the system.
SCP password: The authentication password used when transferring the security key information file to the remote file server.
Note: The SCP password parameter applies to all secure protocols, not only to SCP.
▶ To import a list of remote device security keys
Access the page Remote Devices ▶ Security Key Management.
In the Import Security Key section of the page, click Browse to navigate to the CSV file containing the security key values.
Click Import to upload the file.
The CSV file you select must contain the device's details, as shown in the example below.
Serial Number,MAC,Grain Key
S001- 0000,00:15:01:00:00:00,00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f
© 2024 Cisco and/or its affiliates. All rights reserved.
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks